| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240501163247-mutt-send-email-mst@kernel.org> Date: Wed, 1 May 2024 16:33:59 -0400 From: "Michael S. Tsirkin" <mst@...hat.com> To: Edward Adam Davis <eadavis@...com> Cc: syzbot+98edc2df894917b3431f@...kaller.appspotmail.com, linux-kernel@...r.kernel.org, syzkaller-bugs@...glegroups.com Subject: Re: [syzbot] [net?] [virt?] [kvm?] KASAN: slab-use-after-free Read in vhost_task_fn On Tue, Apr 30, 2024 at 05:31:47PM +0800, Edward Adam Davis wrote: > please test uaf in vhost_task_fn > > #syz test https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git bb7a2467e6be > diff --git a/kernel/vhost_task.c b/kernel/vhost_task.c > index 48c289947b99..8800f5acc007 100644 > --- a/kernel/vhost_task.c > +++ b/kernel/vhost_task.c > @@ -61,8 +61,8 @@ static int vhost_task_fn(void *data) > set_bit(VHOST_TASK_FLAGS_KILLED, &vtsk->flags); > vtsk->handle_sigkill(vtsk->data); > } > - complete(&vtsk->exited); > mutex_unlock(&vtsk->exit_mutex); > + complete(&vtsk->exited); > > do_exit(0); > } OK so if rebased on latest master by linus then this patch is sufficient. I squashed it in. Edward, thanks a lot for working on this! I added Suggested-by tag if you like me to add your S.O.B too I can do this.
Powered by blists - more mailing lists